author | Jeremy Benoist <jeremy.benoist@gmail.com> | 2018-12-02 12:43:05 +0100 |
---|---|---|
committer | Jeremy Benoist <jeremy.benoist@gmail.com> | 2019-01-23 13:28:02 +0100 |
commit | a6b242a1fd6f8900d80354361449f1bf62506ef9 (patch) | |
tree | f69d87208d0ebbdb8517529582280b174af74a16 /src/Wallabag/UserBundle/Controller | |
parent | acd4412080dfb73ecaa7f9983728d1d55bc27ea4 (diff) | |
Enable OTP 2FA
- Update SchebTwoFactorBundle to version 3
- Enable Google 2fa on the bundle
- Disallow ability to use both email and google as 2fa
- Update Ocramius Proxy Manager to handle typed function & attributes (from PHP 7)
- use `$this->addFlash` shortcut instead of `$this->get('session')->getFlashBag()->add`
- update admin to be able to create/reset the 2fa
Diffstat (limited to 'src/Wallabag/UserBundle/Controller')
-rw-r--r-- | src/Wallabag/UserBundle/Controller/ManageController.php | 67 |
1 files changed, 57 insertions, 10 deletions
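--- a/src/Wallabag/UserBundle/Controller/ManageController.php
+++ b/src/Wallabag/UserBundle/Controller/ManageController.php
@@ -8,6 +8,7 @@ use Pagerfanta\Adapter\DoctrineORMAdapter;
 use Pagerfanta\Exception\OutOfRangeCurrentPageException;
 use Pagerfanta\Pagerfanta;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+use Symfony\Component\Form\FormInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Routing\Annotation\Route;
 use Wallabag\UserBundle\Entity\User;
@@ -31,10 +32,10 @@ class ManageController extends Controller
 // enable created user by default
 $user->setEnabled(true);
 
-$form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user);
-$form->handleRequest($request);
+$form = $this->createEditForm('NewUserType', $user, $request);
 
 if ($form->isSubmitted() && $form->isValid()) {
+$user = $this->handleOtp($form, $user);
 $userManager->updateUser($user);
 
 // dispatch a created event so the associated config will be created
@@ -62,14 +63,14 @@ class ManageController extends Controller
 */
 public function editAction(Request $request, User $user)
 {
+$userManager = $this->container->get('fos_user.user_manager');
+
 $deleteForm = $this->createDeleteForm($user);
-$editForm = $this->createForm('Wallabag\UserBundle\Form\UserType', $user);
-$editForm->handleRequest($request);
+$form = $this->createEditForm('UserType', $user, $request);
 
-if ($editForm->isSubmitted() && $editForm->isValid()) {
-$em = $this->getDoctrine()->getManager();
-$em->persist($user);
-$em->flush();
+if ($form->isSubmitted() && $form->isValid()) {
+$user = $this->handleOtp($form, $user);
+$userManager->updateUser($user);
 
 $this->get('session')->getFlashBag()->add(
 'notice',
@@ -81,7 +82,7 @@ class ManageController extends Controller
 
 return $this->render('WallabagUserBundle:Manage:edit.html.twig', [
 'user' => $user,
-'edit_form' => $editForm->createView(),
+'edit_form' => $form->createView(),
 'delete_form' => $deleteForm->createView(),
 'twofactor_auth' => $this->getParameter('twofactor_auth'),
 ]);
@@ -157,7 +158,7 @@ class ManageController extends Controller
 }
 
 /**
-* Creates a form to delete a User entity.
+* Create a form to delete a User entity.
 *
 * @param User $user The User entity
 *
@@ -171,4 +172,50 @@ class ManageController extends Controller
 ->getForm()
 ;
 }
+
+/**
+* Create a form to create or edit a User entity.
+*
+* @param string $type Might be NewUserType or UserType
+* @param User $user The new / edit user
+* @param Request $request The request
+*
+* @return FormInterface
+*/
+private function createEditForm($type, User $user, Request $request)
+{
+$form = $this->createForm('Wallabag\UserBundle\Form\\' . $type, $user);
+$form->handleRequest($request);
+
+// `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
+if (true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
+$form->get('googleTwoFactor')->setData(true);
+}
+
+return $form;
+}
+
+/**
+* Handle OTP update, taking care to only have one 2fa enable at a time.
+*
+* @see ConfigController
+*
+* @param FormInterface $form
+* @param User $user
+*
+* @return User
+*/
+private function handleOtp(FormInterface $form, User $user)
+{
+if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
+$user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret());
+$user->setEmailTwoFactor(false);
+
+return $user;
+}
+
+$user->setGoogleAuthenticatorSecret(null);
+
+return $user;
+}
 }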
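Review bot: In handleOtp, the unconditional `$user->setGoogleAuthenticatorSecret(null);` after the `if` also runs when the `googleTwoFactor` box is checked but the user already has Google Authenticator enabled, because the branch requires `false === $user->isGoogleAuthenticatorEnabled()`; since createEditForm pre-ticks that box for exactly such a user, re-saving an existing 2FA user through editAction (the `@@ -62,14` hunk) appears to silently wipe their second factor, unless a re-ticked box is meant as "reset", which the docblock does not state. The clearing should be conditioned on the box being unchecked, `if (false === $form->get('googleTwoFactor')->getData()) { $user->setGoogleAuthenticatorSecret(null); }`, and the docblock should say that an already-enabled secret is left untouched. A dropped second factor yields the same 'notice' flash as any other edit, so consider logging 2FA state changes on the user so an administrator can audit them.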